Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Cryptographic protection of information in a processing system

a processing system and information technology, applied in the field of processor information security, can solve problems such as data stored in memory modules being subject to theft, data stored therein being subject to unauthorized access, and the hypervisor itself being vulnerable to exploitation

Active Publication Date: 2015-09-03
ADVANCED MICRO DEVICES INC
View PDF5 Cites 91 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Benefits of technology

This patent describes a technique to protect information in a processing system where different virtual machines are executed. Normally, a hypervisor is used to isolate the VMs by assigning them separate memory resources to prevent them from accessing each other's information. However, this can be vulnerable to bugs or malicious modification of the hypervisor. The patent proposes using encryption techniques to protect the information of each VM from access by the hypervisor or other VMs. This prevents unauthorized access to information and ensures that only authorized users can understand or interpret it.

Problems solved by technology

However, flaws (e.g. bugs) in the hypervisor can cause the hypervisor itself to be vulnerable to exploitation, allowing one VM to access the information of another VM.
Even in more private security environments, such as a personal computer, data stored in memory modules can be subject to theft, and the data stored therein subject to unauthorized access.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Cryptographic protection of information in a processing system
  • Cryptographic protection of information in a processing system
  • Cryptographic protection of information in a processing system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0017]FIGS. 1-11 illustrate techniques for protecting secure information at a processing system by employing a hardware encryption module in the processor's memory access path to cryptographically isolate the secure information. In some embodiments, the encryption module is located at a memory controller (e.g. northbridge) of the processor, and each memory access provided to the memory controller indicates whether the access is a secure memory access, indicating the information associated with the memory access is designated for cryptographic protection, or a non-secure memory access. For secure memory accesses, the encryption module performs encryption (for write accesses) or decryption (for read accesses) of the data associated with the memory access. Because the encryption is done by hardware in the processor's memory access path, the data stored at the memory is not meaningfully accessible without the correct encryption / decryption key.

[0018]In some embodiments the processor is e...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

A processor employs a hardware encryption module in the processor's memory access path to cryptographically isolate secure information. In some embodiments, the encryption module is located at a memory controller (e.g. northbridge) of the processor, and each memory access provided to the memory controller indicates whether the access is a secure memory access, indicating the data associated with the memory access is designated for cryptographic protection, or a non-secure memory access. For secure memory accesses, the encryption module performs encryption (for write accesses) or decryption (for read accesses) of the data associated with the memory access.

Description

BACKGROUND[0001]1. Field of the Disclosure[0002]The present disclosure relates generally to processors and more particularly to information security at a processor.[0003]2. Description of the Related Art[0004]In many processor applications, protection of information security is an important feature. For example, a processor can be used in a server in an Infrastructure As A Service (IAAS) environment, wherein the processor executes one or more virtual machines (VMs) and executes a hypervisor to partition the server hardware among the VMs and isolate the VMs from each other. Because different VMs may be executed on behalf of different customers, it is desirable that the information (instructions and data) employed by each VM be protected from access by other VMs. Conventionally, the hypervisor maintains isolation of VM information by maintaining separate memory page tables and other logical entities for each VM. However, flaws (e.g. bugs) in the hypervisor can cause the hypervisor its...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(United States)
IPC IPC(8): G06F12/14
CPCG06F2212/402G06F12/1408G06F9/45533G06F21/602G06F12/1036G06F21/53G06F2009/45583G06F9/45558G06F2009/45587G06F2009/4557
Inventor KAPLAN, DAVID A.WOLLER, THOMAS ROYPEREZ, RONALD
Owner ADVANCED MICRO DEVICES INC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com